[PATCH 3/6] Audit task comm if exe cannot be determined

From: Stephen Smalley
Date: Thu Dec 02 2004 - 10:50:24 EST


This patch for 2.6.10-rc2-mm4 ensures that the comm is included in the audit message if
avc_audit is unable to determine the exe due to the mmap_sem being
held. This is helpful in tracking down the causes of permission
denials that occur in the mmap/mprotect hooks.

Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxxx>
Signed-off-by: James Morris <jmorris@xxxxxxxxxx>

security/selinux/avc.c | 2 ++
1 files changed, 2 insertions(+)

--- linux-2.6.10-rc2-mm4/security/selinux/avc.c.orig 2004-12-01 13:02:56.299974456 -0500
+++ linux-2.6.10-rc2-mm4/security/selinux/avc.c 2004-12-01 13:25:15.445393408 -0500
@@ -566,6 +566,8 @@ void avc_audit(u32 ssid, u32 tsid,
vma = vma->vm_next;
}
up_read(&mm->mmap_sem);
+ } else {
+ audit_log_format(ab, " comm=%s", tsk->comm);
}
if (tsk != current)
mmput(mm);

--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/